IntenseWebs/boringproxy
3
0
Fork 0
mirror of https://github.com/boringproxy/boringproxy.git synced 2025-02-25 18:55:29 -06:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' into oauth2

Browse Source
This commit is contained in:
Anders Pitman 2022-03-04 12:02:34 -07:00
commit f509d5fcc0
1 changed files with 38 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
api.go
View File

@ -152,11 +152,14 @@ func (a *Api) handleUsers(w http.ResponseWriter, r *http.Request) {
if tokenData.Client != "" {
w.WriteHeader(403)
io.WriteString(w, "Token cannot be used to create users")
io.WriteString(w, "Token cannot be used to manage users")
return
}
switch r.Method {
case "GET":
users := a.GetUsers(tokenData, r.Form)
json.NewEncoder(w).Encode(users)
case "POST":
err := a.CreateUser(tokenData, r.Form)
if err != nil {
@ -193,6 +196,9 @@ func (a *Api) handleTokens(w http.ResponseWriter, r *http.Request) {
}
switch r.Method {
case "GET":
tokens := a.GetTokens(tokenData, r.Form)
json.NewEncoder(w).Encode(tokens)
case "POST":
r.ParseForm()
token, err := a.CreateToken(tokenData, r.Form)
@ -204,7 +210,7 @@ func (a *Api) handleTokens(w http.ResponseWriter, r *http.Request) {
io.WriteString(w, token)
default:
w.WriteHeader(405)
w.Write([]byte(err.Error()))
fmt.Fprintf(w, "Invalid method for /api/tokens")
}
}
@ -264,7 +270,7 @@ func (a *Api) handleClients(w http.ResponseWriter, r *http.Request) {
}
default:
w.WriteHeader(405)
w.Write([]byte(err.Error()))
fmt.Fprintf(w, "Invalid method for /api/clients")
}
}
@ -496,6 +502,35 @@ func (a *Api) DeleteToken(tokenData TokenData, params url.Values) error {
}
func (a *Api) GetTokens(tokenData TokenData, params url.Values) map[string]TokenData {
tokens := a.db.GetTokens()
user, _ := a.db.GetUser(tokenData.Owner)
for key, tok := range tokens {
if !user.IsAdmin && tok.Owner != tokenData.Owner {
delete(tokens, key)
}
}
return tokens
}
func (a *Api) GetUsers(tokenData TokenData, params url.Values) map[string]User {
user, _ := a.db.GetUser(tokenData.Owner)
users := a.db.GetUsers()
if user.IsAdmin {
return users
} else {
return map[string]User{
tokenData.Owner: user,
}
}
}
func (a *Api) CreateUser(tokenData TokenData, params url.Values) error {
user, _ := a.db.GetUser(tokenData.Owner)